As the Internet and its underlying technologies have become increasingly familiar, attention has become focused on Internet security and computer network security in general. With unprecedented access to information have also come unprecedented opportunities to gain unauthorized access to data, change data, destroy data, make unauthorized use of computer resources, interfere with the intended use of computer resources, etc. These opportunities have been exploited time and time again by many types of malware including, but not limited to computer viruses, worms, Trojan horses, etc.
Recently, some new types of software have emerged, collectively called “spyware.” Spyware, while not as malicious as the aforementioned conventional viruses, Trojan horses, etc., may still cause problems for computer users. For example, spyware may be designed to log keystrokes, track which websites a computer user visits, and/or transmit personal information to a third party.
Keylogging is one of the most insidious threats to a user's personal information. Passwords, credit card numbers, and other sensitive or personally identifying information are potentially exposed. Efforts have been made to counter such a threat. One approach is to require a user to enter random keystrokes between entering actual keystrokes of a password or username in order to frustrate the keylogger. However, this method requires extensive user training and intervention.
Several websites offer the possibility of using an on-screen virtual keyboard that lets a user enter a password by clicking buttons on a screen. These schemes offer variable increments of security based on how they are implemented, but even the simplest ones bypass the majority of keystroke loggers. However, not all Web sites offer such a feature.